API Reference
Complete API documentation for all endpoints
📋 Overview
This section provides comprehensive API documentation for Izri, covering all tRPC procedures, REST endpoints, and webhook integrations. This reference is essential for frontend developers and API consumers.
🎯 API Architecture
- Primary API: tRPC for type-safe communication
- REST Fallback: Limited REST endpoints for non-TypeScript clients
- Webhooks: GitHub webhook integration for automation
📚 Documentation Pages
tRPC Procedures
Complete tRPC API reference
- All query procedures
- All mutation procedures
- Input/output types
- Error handling
- Usage examples
- Authentication requirements
REST Endpoints
HTTP REST API reference
- Available endpoints
- Request/response formats
- Authentication headers
- Error codes
- Rate limiting
- Examples with curl
Webhooks
Webhook integration guide
- GitHub webhooks
- Event types
- Payload formats
- Signature verification
- Handler implementation
- Testing webhooks
🚀 API Overview
Base URLs
| Environment | URL |
|---|---|
| Development | http://localhost:4000 |
| Production | https://api.izri.com |
Authentication
// Session-based (current)
// Cookie sent automatically by browser
// API Token (future)
headers: {
'Authorization': 'Bearer your-api-token'
}
📡 tRPC Procedures
Queries (Read Operations)
| Procedure | Input | Output | Description |
|---|---|---|---|
health |
- | { ok: boolean } |
Health check (tRPC query) |
auth.getSession |
- | SessionInfo |
Get current session |
auth.getProfile |
- | User |
Get user profile |
auth.listSessions |
- | Session[] |
List user sessions |
auth.getAuditLogs |
{ limit, offset } |
AuditLog[] |
Get auth audit logs |
projects.getProjects |
{ userEmail } |
Project[] |
Get user's projects |
projects.getProject |
{ projectId, userEmail } |
Project |
Get single project |
projects.getProjectAnalyses |
{ projectId, userEmail } |
Analysis[] |
Get project analyses |
projects.getLatestProjectAnalysis |
{ projectId, userEmail } |
Analysis |
Get latest analysis |
organizations.list |
{ userEmail } |
Organization[] |
List user's organizations |
organizations.getBySlug |
{ slug, userEmail } |
Organization |
Get organization by slug |
organizations.getMembers |
{ organizationId, userEmail } |
Member[] |
Get organization members |
github.getGitHubRepositories |
{ userEmail } |
Repository[] |
Get GitHub repos |
Mutations (Write Operations)
| Procedure | Input | Output | Description |
|---|---|---|---|
auth.invalidateSession |
- | { success: boolean } |
Logout current session |
auth.revokeSession |
{ sessionToken } |
{ success: boolean } |
Revoke specific session |
auth.revokeOtherSessions |
- | { success: boolean } |
Revoke all other sessions |
auth.updateProfile |
{ name?, avatar? } |
User |
Update user profile |
projects.createProject |
CreateProjectInput |
Project |
Create new project |
projects.updateProject |
UpdateProjectInput |
Project |
Update project |
projects.deleteProject |
{ projectId, userEmail } |
{ message } |
Delete project |
projects.updateProjectSettings |
{ projectId, userEmail, settings } |
ProjectSettings |
Update project settings |
organizations.create |
{ name, slug, userEmail, description? } |
Organization |
Create organization |
organizations.update |
{ organizationId, userEmail, ... } |
Organization |
Update organization |
organizations.delete |
{ organizationId, userEmail } |
{ message } |
Delete organization |
organizations.inviteMember |
{ organizationId, userEmail, userToInviteEmail, role } |
Member |
Invite user to organization |
organizations.updateMemberRole |
{ organizationId, membershipId, userEmail, role } |
Member |
Update member role |
organizations.removeMember |
{ organizationId, membershipId, userEmail } |
{ message } |
Remove organization member |
analysis.analyzeRepository |
{ projectId, repoUrl, userEmail, ... } |
AnalysisResult |
Analyze repository |
📝 Common Types
Project
interface Project {
id: string
name: string
description: string | null
repository: string
branch: string
language: string
framework: string | null
userId: string
organizationId: string | null
createdAt: Date
updatedAt: Date
testRuns?: TestRun[]
}
TestRun
interface TestRun {
id: string
projectId: string
userId: string
status: TestStatus
type: TestType
totalTests: number
passedTests: number
failedTests: number
skippedTests: number
coverage: number | null
duration: number | null
startedAt: Date | null
completedAt: Date | null
createdAt: Date
}
enum TestStatus {
PENDING = 'PENDING',
RUNNING = 'RUNNING',
COMPLETED = 'COMPLETED',
FAILED = 'FAILED',
CANCELLED = 'CANCELLED'
}
enum TestType {
UNIT = 'UNIT',
INTEGRATION = 'INTEGRATION',
E2E = 'E2E',
ALL = 'ALL'
}
Repository
interface Repository {
id: number
name: string
fullName: string
description: string | null
url: string
cloneUrl: string
language: string
stars: number
forks: number
isPrivate: boolean
updatedAt: string
defaultBranch: string
}
🔧 Usage Examples
TypeScript/JavaScript (tRPC Client)
import { createTRPCProxyClient, httpBatchLink } from '@trpc/client'
import type { AppRouter } from '@izri/trpc'
const client = createTRPCProxyClient<AppRouter>({
links: [
httpBatchLink({
url: 'http://localhost:4000/trpc',
}),
],
})
// Query
const projects = await client.getProjects.query({
userEmail: 'user@example.com'
})
// Mutation
const newProject = await client.createProject.mutate({
name: 'My Project',
description: 'A test project',
repository: 'https://github.com/user/repo',
branch: 'main',
language: 'typescript',
userEmail: 'user@example.com'
})
React (tRPC Hooks)
import { trpc } from '~/lib/trpc'
function MyComponent() {
// Query with auto-refetch
const { data, isLoading, error } = trpc.getProjects.useQuery({
userEmail: 'user@example.com'
})
// Mutation with optimistic updates
const createProject = trpc.createProject.useMutation({
onSuccess: () => {
// Invalidate and refetch
trpc.useContext().getProjects.invalidate()
}
})
const handleCreate = () => {
createProject.mutate({
name: 'New Project',
repository: 'https://github.com/user/repo',
branch: 'main',
language: 'typescript',
userEmail: 'user@example.com'
})
}
if (isLoading) return <div>Loading...</div>
if (error) return <div>Error: {error.message}</div>
return (
<div>
{data?.map(project => (
<div key={project.id}>{project.name}</div>
))}
<button onClick={handleCreate}>Create Project</button>
</div>
)
}
curl (REST)
# Health check
curl http://localhost:4000/health
# tRPC query (POST with JSON body)
curl -X POST http://localhost:4000/trpc/getProjects \
-H "Content-Type: application/json" \
-d '{"userEmail":"user@example.com"}'
# tRPC mutation
curl -X POST http://localhost:4000/trpc/createProject \
-H "Content-Type: application/json" \
-d '{
"name": "My Project",
"repository": "https://github.com/user/repo",
"branch": "main",
"language": "typescript",
"userEmail": "user@example.com"
}'
⚠️ Error Handling
Error Response Format
interface TRPCError {
message: string
code: string
data?: {
code: string
httpStatus: number
path: string
stack?: string
}
}
Error Codes
| Code | HTTP Status | Description |
|---|---|---|
BAD_REQUEST |
400 | Invalid input |
UNAUTHORIZED |
401 | Authentication required |
FORBIDDEN |
403 | Permission denied |
NOT_FOUND |
404 | Resource not found |
INTERNAL_SERVER_ERROR |
500 | Server error |
TIMEOUT |
504 | Request timeout |
Error Handling Example
try {
const project = await client.getProject.query({ id: 'invalid-id' })
} catch (error) {
if (error instanceof TRPCClientError) {
if (error.data?.code === 'NOT_FOUND') {
console.log('Project not found')
} else {
console.error('API error:', error.message)
}
}
}
📊 Rate Limiting
Planned Limits (Not Yet Implemented)
Rate limiting is planned for future implementation to protect against abuse and ensure fair usage.
| Endpoint Type | Planned Rate Limit | Window |
|---|---|---|
| Read (queries) | 100 requests | 1 minute |
| Write (mutations) | 20 requests | 1 minute |
| Webhooks | 10 requests | 1 minute |
Future Rate Limit Headers
Once implemented, these headers will be included in responses:
X-RateLimit-Limit: 100
X-RateLimit-Remaining: 95
X-RateLimit-Reset: 1640000000
Retry-After: 60
🔐 Authentication
Session Authentication (Current)
// Automatically handled by browser cookies
// No additional headers required
API Token Authentication (Planned)
// In headers
{
'Authorization': 'Bearer your-api-token'
}
// Example
fetch('http://localhost:4000/trpc/getProjects', {
headers: {
'Authorization': 'Bearer sk_live_...'
}
})
🔗 Related Documentation
- Backend: Backend Documentation
- Frontend: tRPC Integration
- Packages: tRPC Package
📖 Additional Resources
Explore detailed API documentation →